Independent AWS Consultant
2022 - PRESENTRehashly- Ran an AWS cloud consultancy to help clients build resilient, secure, and cost-optimized solutions on AWS.
- Helped a client build their SOC program by analyzing their system, filling gaps in logging and monitoring, writing incident response runbooks, and training the development team on secure coding and AWS security best practices.
- Bootstrapped the organization's AWS cloud infrastructure by building an AWS Control Tower landing zone and connecting their Google Workspace identities to AWS SSO. Also helped them establish security best practices.
- Performed forensic investigation for a security incident where a client lost access to some production S3 buckets. Gave the client detailed advice on how they should proceed from there to mitigate the incident and make sure it doesn't happen again.
- Assisted a client in the medical field to build a HIPAA-compliant network and data security infrastructure and set up a process for continuously monitoring and remediating compliance-related security controls.
Technologies: Node.js, Python, Amazon Web Services (AWS), Web Security, Cloud Security, Security Testing, Secure Coding, Web App Security, Security Audits, MongoDB, Infrastructure as Code (IaC), AWS Cloud Development, AWS CloudFormation, Back-end Development, Back-end, Functional Programming, DevOps, AWS DevOps, Architecture, OpenAPI, Swagger, OAuth 2, JSON, JSON Web Tokens (JWT), PostgreSQL, Jinja, React, HTML, CSS, Flask, REST APIs, NoSQL, MySQL, SQL, Next.js, Full-stack, Full-stack Development, Technical Leadership, Terraform, Identity & Access Management (IAM), DevSecOps, Boto 3, Google Cloud Platform (GCP), Software Design, API Integration, Integration, CI/CD Pipelines, Git, GraphQL, Cloud Platforms, Engineering, Go, IT Security, Leadership, Requirements Analysis, Technical Project Management, Postman, Prototyping, Docker, Data Modeling, Amazon CloudFront CDNSoftware Development Engineer
2016 - 2022Amazon Web Services (AWS)- Built, launched, and helped grow Amazon GuardDuty into an indispensable tool for security operations teams looking to secure their businesses' AWS workloads. GuardDuty is AWS's intelligent threat detection and security monitoring service.
- Worked closely with leadership on planning feature roadmaps, prioritizing customer requests, scoping, estimating, and tracking projects, and addressing high-urgency escalations.
- Helped architect and build several high-throughput scalable back-end microservices with strict reliability and security requirements, each processing billions of events daily.
- Built some of GuardDuty's high-value security detections end-to-end, from ideation, working with a cross-functional team of product managers, applied scientists, and security engineers, prototyping, testing, operationalization, and launch.
- Led the design and implementation of GuardDuty's multi-account functionality, simplifying GuardDuty's usability across member accounts of an AWS organization. This feature was instrumental in accelerating GuardDuty's adoption by many AWS customers.
- Pioneered the technical design and evolution of GuardDuty's control plane architecture, including external APIs, multi-language SDKs, and CloudFormation resources. Set processes and standards for API launch readiness.
- Provided technical leadership and mentoring for multiple generations of engineers over my tenure with AWS.
Technologies: AWS CloudFormation, Security, Amazon GuardDuty, Java, Python, TypeScript, AWS Cloud Development, Apache Spark, Scala, Ruby, Serverless, REST, APIs, Microservices, Node.js, AWS IAM, C++, AWS CloudTrail, AWS Kinesis, AWS Lambda, Elasticsearch, Application Security, Amazon CloudWatch, Amazon Simple Queue Service (SQS), AWS Simple Notification Service (AWS SNS), Amazon S3 (AWS S3), Amazon ECS (Amazon Elastic Container Service), AWS Fargate, Amazon DynamoDB, Amazon Route 53, AWS Certificate Manager, Amazon API Gateway, AWS Glue, Dagger 2, Gradle, Program Management, Technical Program Management, Compliance, Web Security, Cloud Security, Amazon EC2, Amazon Virtual Private Cloud (VPC), AWS Organizations, GRC, PCI DSS, PCI Compliance, HIPAA Compliance, GDPR, SOC Compliance, SOC 2, Web App Security, Amazon Elastic MapReduce (EMR), Threat Modeling, Secure Coding, Security Testing, Security Audits, API Design, Amazon Web Services (AWS), Serverless Architecture, Machine Learning, Software as a Service (SaaS), Linux, JavaScript, Databases, Back-end Development, Back-end, Functional Programming, DevOps, AWS DevOps, Architecture, OpenAPI, Swagger, OAuth 2, JSON, Jinja, React, HTML, CSS, REST APIs, NoSQL, Full-stack, Full-stack Development, Technical Leadership, Identity & Access Management (IAM), DevSecOps, Boto 3, Spark, Software Design, API Integration, Integration, CI/CD Pipelines, Git, Cloud Platforms, Engineering, Go, IT Security, Leadership, Requirements Analysis, Technical Project Management, Postman, Agile, Prototyping, Docker, ETL Implementation & Design, Data Modeling, Amazon CloudFront CDN, ETLLead Software Engineer
2012 - 2016Cadence Design Systems- Developed module generators, layout-only object generators such as dummies, guard rings, and polyfills, and place and route tools for the Cadence Virtuoso GXL physical layout suite.
- Built a system for the assisted routing of physical layout devices, which accelerates the effort of routing components while allowing physical layout engineers to customize specific routing parameters.
- Led module generator qualification efforts on TSMC's advanced node process design kits (PDKs), for example, TSMC 16nm and 10nm, which gave customers better confidence in adopting them.
Technologies: Electronic Design Automation (EDA), C++, Lisp, Python, Compilers, Compiler Design, Linux, Databases, Functional Programming, Architecture, JSON, HTML, CSS, Technical Leadership, Software Design, API Integration, Legacy Software, Legacy Code, Integration, Git, Engineering, Requirements Analysis, Desktop App Development, Technical Project Management, PrototypingSoftware Development Engineer
2007 - 2012Mentor Graphics (Acquired by Siemens)- Built compilers and automations to help the custom IC design group accelerate PDK development for the foundries' advanced technology nodes, for example, TSMC 16nm.
- Contributed to reducing the mentor's release cycle, from 7-8 weeks down to 4-5 days, for advanced node PDKs of key foundries like TSMC and GlobalFoundries.
- Represented Mentor Graphics in the OpenPDK Coalition, an open coalition aiming to define a set of open standards to allow an OpenPDK to be created once and then translated into specific EDA vendor tools and specific foundry formats.
- Trained Mentor Graphics' PDK development team on using new PDK automation systems and building foundry partnerships.
Technologies: Electronic Design Automation (EDA), C++, Python, Compilers, Compiler Design, Linux, Databases, Functional Programming, Lisp, Architecture, JSON, HTML, CSS, Technical Leadership, Software Design, API Integration, Legacy Software, Legacy Code, Integration, Engineering, Requirements Analysis, Desktop App Development, Prototyping